diff --git a/defaults/main.yml b/defaults/main.yml
index 219b337..2dd2b29 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -30,6 +30,11 @@ openvpn_keydir: "{{ openvpn_etcdir }}/keys"
 # README. Then you can simply point this variable to the pki folder of the
 # easyrsa installation and all keys/certificates will be located fine.
 # }}}
+
+openvpn_ca_certs_file: '{{ openvpn_keydir }}/ca.crt'
+openvpn_server_cert_file: '{{ openvpn_keydir }}/issued/server.crt'
+openvpn_server_key_file: '{{ openvpn_keydir }}/private/server.key'
+
 # Server configuration {{{
 # Default settings (See OpenVPN documentation)
 openvpn_host: "{{ inventory_hostname }}"
diff --git a/tasks/core/clients.yml b/tasks/core/clients.yml
index 63e9d27..468a47c 100644
--- a/tasks/core/clients.yml
+++ b/tasks/core/clients.yml
@@ -14,7 +14,7 @@
 {{ openvpn_keydir }}/issued/{{ item }}.crt
 {{ openvpn_keydir }}/private/{{ item }}.key
 {{ item }}.ovpn
-{{ openvpn_keydir }}/ca.crt
+{{ openvpn_ca_certs_file }}
 {{ openvpn_tls_key if openvpn_tls_auth else '' }}
 loop: "{{ openvpn_clients }}"
 loop_control:
diff --git a/tasks/core/read-client-files.yml b/tasks/core/read-client-files.yml
index ae1b063..7b63a22 100644
--- a/tasks/core/read-client-files.yml
+++ b/tasks/core/read-client-files.yml
@@ -1,6 +1,6 @@
 ---
 - name: Read CA file
- command: cat "{{ openvpn_keydir }}/ca.crt"
+ command: cat "{{ openvpn_ca_certs_file }}"
 no_log: true
 register: openvpn_read_ca_file_results
 changed_when: false
diff --git a/templates/server.conf.j2 b/templates/server.conf.j2
index f7ee72e..c551cf6 100644
--- a/templates/server.conf.j2
+++ b/templates/server.conf.j2
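Review bot: The three new variables land between the `# }}}` fold close and the `# Server configuration {{{` marker with no explanatory comment, in a defaults file where every neighbouring setting is documented, and they use single quotes where the surrounding values (`openvpn_keydir`, `openvpn_host`) use double quotes. I would put above them `# Paths of the CA certificate(s), server certificate and server private key. They follow the easyrsa layout under openvpn_keydir, so changing openvpn_keydir is normally enough; the key file must stay readable only by root / the OpenVPN user.` and switch the three values to double quotes for consistency. The plural in `openvpn_ca_certs_file` suggests a CA bundle may be supplied; judging by the clients.yml hunk in this same diff that file is also shipped to clients, so the comment should warn that it must contain only CAs the clients are meant to trust.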
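Review bot: The CA path now comes from `openvpn_ca_certs_file`, but the client certificate and key two lines above stay hard-coded to `{{ openvpn_keydir }}/issued/{{ item }}.crt` and `{{ openvpn_keydir }}/private/{{ item }}.key`, so the parameterization is only partial: an operator who points `openvpn_ca_certs_file` at a PKI outside `openvpn_keydir` still needs the per-client material in the easyrsa layout. Either document that constraint next to the new variable or add matching per-client path variables. The task this file list belongs to begins before the hunk, so I cannot see how the list is consumed.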
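Review bot: `command: cat "{{ openvpn_ca_certs_file }}"` spawns a process to read a file, which is why the `changed_when: false` workaround is needed; Ansible's `slurp` module is the idiomatic way to fetch file content and reports no change on its own: `slurp:` / `src: "{{ openvpn_ca_certs_file }}"`. `slurp` returns the content base64-encoded in `.content`, so whatever reads `openvpn_read_ca_file_results.stdout` elsewhere would have to switch to `openvpn_read_ca_file_results.content | b64decode` — those consumers are outside this hunk. `no_log: true` is harmless but unnecessary for a CA certificate, which is public; it is the sibling tasks that presumably read client private keys where it actually matters.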
@@ -42,9 +42,9 @@ dev {{ openvpn_dev }}
 #
 # Any X509 key management system can be used. OpenVPN can also use a PKCS #12
 # formatted key file (see "pkcs12" directive in man page).
-ca {{ openvpn_keydir }}/ca.crt
-cert {{ openvpn_keydir }}/issued/server.crt
-key {{ openvpn_keydir }}/private/server.key # This file should be kept secret
+ca {{ openvpn_ca_certs_file }}
+cert {{ openvpn_server_cert_file }}
+key {{ openvpn_server_key_file }} # This file should be kept secret
 
 # Diffie hellman parameters. Generate your own with: openssl dhparam -out
 # dh1024.pem 1024 Substitute 2048 for 1024 if you are using 2048 bit keys.
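Review bot: The `ca`, `cert` and `key` arguments are now operator-supplied paths rendered bare into the config, so a value containing whitespace would be split into two tokens by OpenVPN's config parser; quoting them costs nothing and matches OpenVPN's documented argument quoting: `ca "{{ openvpn_ca_certs_file }}"`, `cert "{{ openvpn_server_cert_file }}"`, `key "{{ openvpn_server_key_file }}" # This file should be kept secret`. Since these paths may now point outside `openvpn_keydir`, the role should also make sure the file named by `openvpn_server_key_file` is root-owned with mode 0600 before the service starts — whether a task does that is not visible in this diff.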